Privacy Policy

NestStep is designed with privacy as a core principle. In solo mode, your data never leaves your device. This policy explains what data is collected, how it is used, and your rights.

When you use NestStep without an account, all data is stored locally in your browser using IndexedDB. This includes projects, notes, photos, contractor records, and home profile information. None of this data is transmitted to our servers. We do not have access to it.

When you upload a home inspection report PDF, the file is sent to a third-party AI service (Anthropic) for text extraction and project identification. The file content is processed in real time and is not retained by NestStep or Anthropic after the response is returned. The extracted project data is stored locally in your browser.

Payment data: If paid tiers are introduced, payment will be processed by Stripe. We will receive a confirmation of your purchase but will not store your credit card number or payment details.

Authentication data (Couples Mode, when available): If you sign in, we receive basic profile information from your authentication provider (such as your name and email address from Google or Apple). This is used solely to identify your account and link you to your partner.

Synced data (Couples Mode, when available): If you use Couples Mode, your project data, notes, and home profile are synced to our cloud database (hosted on Supabase) so your partner can access them.

NestStep does not use third-party analytics services, tracking pixels, or advertising SDKs. We do not track your behavior within the app.

See our Cookie Policy for details on what cookies are used and how.

In solo mode, your data exists only in your browser. It is retained until you clear your browser data. With Couples Mode (when available), synced data is retained in our cloud database for as long as your account exists. You may request deletion at any time.

We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes. Data may be shared with: Anthropic (for inspection report processing), Stripe (for payment processing, when applicable), Supabase (for cloud hosting, when using Couples Mode), and as required by law.

You have the right to: access the data we hold about you; request correction of inaccurate data; request deletion of your data; export your data using the Export feature in the app; withdraw consent for data processing at any time. To exercise any of these rights, contact us at privacy@nest-step.app.

Cloud-synced data (when available) is protected by row-level security policies, ensuring each household can only access its own data. Data is encrypted in transit using TLS.

NestStep is not intended for use by children under 13. We do not knowingly collect personal data from children.

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of the Service constitutes acceptance of the updated policy.

For privacy-related questions, contact Field Assembly LLC at privacy@nest-step.app.